# file      : tests/agent-pkcs11.testscript
# copyright : Copyright (c) 2014-2019 Code Synthesis Ltd
# license   : MIT; see accompanying LICENSE file

: args
:
{
  : none
  :
  $* 2>'error: private key URL argument expected' != 0

  : invalid-url
  :
  $* 'http://key' 2>'error: invalid PKCS#11 URL: invalid scheme' != 0
}

: existent-module
:
{
  url = 'pkcs11:?pin-value=123123'

  : failure
  :
  $* --simulate failure "$url" 2>>EOE != 0
    error: no matching private key found
    EOE

  : success
  :
  {
    $* --simulate success "$url" | set script;

    sed -n -e 's/^OPENSSL_AGENT_PKCS11_PID=(.+);.+;$/\1/p' <"$script" | \
    set pid;

    echo "$script" >>~"%EOO%";
      %OPENSSL_AGENT_PKCS11_SOCK=.+; export OPENSSL_AGENT_PKCS11_SOCK;%
      OPENSSL_AGENT_PKCS11_PID=$pid; export OPENSSL_AGENT_PKCS11_PID;
      echo Agent pid $pid
      EOO

    kill -0 "$pid"; # Make sure the agent is running.
    kill    "$pid"; # Signal the agent to terminate.
    sleep 2;        # Wait a bit while the agent is terminating.

    # Make sure the agent is not running.
    #
    # Normally two seconds should be enough for the agent to terminate. It can
    # probably take longer in some rear cases, but not being able to terminate
    # in ten seconds most likely indicates an issue.
    #
    if kill -0 "$pid" 2>!
      sleep 8
      kill -0 "$pid" 2>! != 0
    end
  }
}

: non-existent-module
:
{
  url = 'pkcs11:?pin-value=123123&module-name=non-existing-pkcs11-module'

  : failure
  :
  $* --simulate failure "$url" 2>>EOE != 0
    error: no matching private key found
    EOE

  : success
  :
  {
    $* --simulate success "$url" | set script;

    sed -n -e 's/^OPENSSL_AGENT_PKCS11_PID=(.+);.+;$/\1/p' <"$script" | \
    set pid;

    kill -0 "$pid"; # Make sure the agent is running.
    kill    "$pid"  # Signal the agent to terminate.
  }
}